How To Deploy MVPS HOSTS File on an Android Phone

I have replaced the default HOSTS file on my Android device with the MVPS HOSTS file, a blacklist for blocking advertising, tracking and malware-distributing server names. Installing this blacklist confers the same browsing security, privacy, and performance benefits on my phone as I have long enjoyed on conventional workstations: ad blocking, faster web page loads and decreased bandwidth usage, mitigation of browsing behavior profiling and contextual ad targeting, and reduced exposure to malware infection by malicious web sites. Allow me to demonstrate the specific procedure that I used and hopefully save others some time.

Background

First, a quick background review. The MVPS HOSTS file is a regularly updated, community curated list of internet server hostnames (currently over 15,000 of them) known to be implicated in advertising, user habit tracking, and other unsavory security and privacy infringing sorts of activities. There are a variety of these lists packaged up by different parties, with no doubt significant overlap, but MVPS HOSTS is one of the oldest and best recognized as far as I am aware, and the one which I have used on all my Windows systems and those of my customers for many years. Other applications exist on the market that block ads and enhance browser privacy (often, in fact, leveraging MVPS HOSTS as an underlying database), but what I like about the HOSTS file method is, it operates in raw form and doesn’t require any separate application to be installed.

A HOSTS file is designed to act as a local preemptive override for DNS resolution. All operating systems, including Windows, Unix, and Mac, have a place where a HOSTS file blacklist can be plugged, causing every attempt to establish network communications with the listed servers to be short circuited with extreme prejudice at the earliest stage of hostname resolution. The result is very effective. When I’m browsing the web, by virtue of using this tool, I see very little to no ads in page content. I never have to wait through an ad before watching a Youtube video. There are cases where it blocks behaviors in free standing installers and applications. It works so well that it’s become shockingly unpleasant for me browsing the web on any system that doesn’t have ad blocking – I can’t believe people live with so many flashing banners all over the place. If I accomplish anything here I hope to show that you don’t have to simply accept those terms.

The mvps.org page already covers deploying MVPS HOSTS file on Windows. Let me show you how I deployed it on Android.

Prerequisites

Here’s what you’ll need to do this on Android:

A rooted device. “Root” indicates the condition where the operating system feature has been enabled (more properly, not disabled) which allows a process to escalate privilege to superuser to perform the kind of system administration tasks which will be necessary. If you’re running a stock ROM from a service carrier / hardware manufacturer, you’re most likely not rooted; custom ROMs almost always make root available. See this older but still informative guide to rooting for detailed questions and answers. There are many reasons to root your phone and flash custom ROMs that are out of scope of this article, but I encourage everyone to learn about it. In my case I’m running a custom ROM with built-in root, CyanogenMod 11 M12 d2lte on a Samsung Galaxy S3.

A terminal application on the device. You’ll need a way to issue commands at the Unix shell. My CyanogenMod build prepackages Terminal Emulator for Android. Download it or something like it if you don’t have one.

A computer, and the cable for transferring files to the device. You could technically download the HOSTS file right from the web to the phone, but the way I pushed it over was from a Windows system via the USB cable and MTP, so that’s the method I’ll detail below.

The procedure

Obtain the HOSTS file and rename it to lowercase

  • Download the MVPS HOSTS file to your computer from the official mvps.org source. This is a zip archive, so extract the file entitled HOSTS inside. You only need that one file, and can discard the rest of the zip file’s contents.
  • Rename the file from HOSTS (uppercase) to hosts (lowercase). Windows expects uppercase, Unix (which Android is) expects lowercase. The filename should not have a suffix.
  • (Technical note: I found that Android is not fussy about the DOS line termination with which the file ships, and does accept it just fine.) [Edit: In a subsequent MVPS HOSTS file update, line termination did matter. It must depend on the file contents. To be safe, change to UNIX EOL termination using a text editor or use my tool here: Download MVPS HOSTS File Converted to Unix EOLs.]

Transfer the (now lowercase named) hosts file to your device

  • Connect your Android device to the computer via USB in ordinary media transfer mode (MTP).
  • Copy the file, now entitled hosts, to a convenient drop location where you’ll be able to get at it easily. In my case I dropped it to my ordinary user data area in internal storage.
  • (I can conceive of other ways to transfer it such as via an SD card or adb; that’s fine too, just make sure you can find it in the device’s directory tree later. If you have adb you can probably do the whole thing from that frontend and don’t need this procedure anyway.)

Open a terminal, become root, and get to where the hosts file was placed

  • On your Android device, start a terminal instance and issue su to become superuser. You should be presented with a confirmation screen. If you get su: not found instead, your device is not rooted and you can’t proceed.
  • Confirming superuser

  • If su succeeded, after you pass the confirmation screen, the command prompt will change from one ending in a dollar sign ($) to one ending in a hash mark (#).
  • Navigate to the path where you placed the hosts file. On my device, for the drop location I described, I got there via cd /data/media/0. If you placed it somewhere else, figure out what that path is.
  • You’re in the right place, of course, when you can issue ll hosts and see the file listed with its correct size, which presently should be upwards of 500k.
  • Initial drop path

Remount the /system filesystem read-write

  • The path to the hosts file on Android is /system/etc/hosts, but before we can modify anything under /system, we have to make it writeable. Builds may differ in whether this step is necessary, but on my ROM /system ordinarily stays locked down in read-only mode, so it is.
  • Issue mount -o remount,rw /system to remount the /system filesystem in a writeable mode.
  • Remounting /system read-write

  • For reference, you can determine what the mount state of /system is by issuing mount | grep system. The options are the 4th field, comma delimited, and will contain either ro when read-only or rw when read-write.

Deploy the new hosts file

  • Now that everything’s ready, issue cp hosts /system/etc to copy the hosts file to its permanent location.
  • You can then verify a successful drop by issuing ll /system/etc/hosts to confirm the file appears at its correct size.
  • Hot drop path

  • (The original hosts file that shipped with the system is trivial; on my system it was only 25 bytes long. You won’t have trouble distinguishing between them.)

Wrap up

  • If you had to change it to read-write mode before, you will want to return the /system filesystem to read-only mode now. Issue mount -o remount,ro /system to accomplish this.
  • Feel free to then remove the copy of hosts from the user area drop directory by issuing rm hosts. Or delete it later with a file manager; doesn’t matter.
  • Issue exit to get out of the su shell, and exit again to get out of the terminal session.
  • Wrapping up

  • That’s it, you’re done. A reboot is not required.

The MVPS HOSTS file is updated roughly every 2-3 months by its maintainers, so make sure to keep it current to have the most up-to-date host filtering blacklist. The procedure for updating it would be in effect identical to the initial drop procedure.

Resources

MVPS: Blocking Unwanted Connections with a Hosts File

Wikipedia: DNS

Lifehacker: Everything You Need to Know About Rooting Your Android Phone

Google Play Store: Terminal Emulator for Android (Free Application)

How-To Geek: Android USB Connections Explained: MTP, PTP, and USB Mass Storage

11 Comments

  1. Salim

    Thank you, i was using the host file method for a long time in windows using the official file from mvps.org, i didn’t know android has this feature but now thanks to you i can browse the web without being disturbed by adds, you deserve a prize 🙂

  2. Wallace n. Gromit

    I have known about hosts files for years and used mvps to change it on my Windows and debian/raspbian computers. Have always wanted to try the hosts file thing on Android. The process was seemingly always very complicated using that Android debugging program. I was in possession of a rooted Android phone I bought on Ebay (which begged the question who/why was it rooted? which is another topic). Following your directions (with some clever modifications) managed to update my hosts file.

    The problem I had was after downloading the hosts file from my windows computer to the android phone (to multiple locations) couldn’t locate the hosts file. hummmm, now what? you offered a converted hosts file in unix format, so how to get that directly? after searching for several ideas online I came across this solution: root@jflteatt:/data/media/0 # curl -O -k https://www.scottbrownconsulting.com/extra/mvpsunix/hosts the -O (capital “O”) switch downloads the text into the Hosts file. I found out without it it just dumps the text file contents without creating the file. The -k switch disables the CA certificate verification. Which I imagine isn’t a good thing to do typically. the optional switch instead is –insecure. Now I have an updated MVPS hosts file on my rooted android device!

  3. scott

    Excellent. You might also be able to do wget https://www.scottbrownconsulting.com/extra/mvpsunix/hosts. I was just transferring the file over a USB cable connection using either adb or mtp.

  4. It’s much easier to use TWRP.
    Use MTP to move file from computer to SD Card
    Use Solid Explorer to move file from SD Card to /System/etc (select “overwrite” to delete old hosts file). If /System is write protected, boot into TWRP, select “Mount” and uncheck “Mount system partition read-only.”
    Boot back into Android and use Solid Explorer as described above.

    My phone is a Moto G (2015) running Lineage Android Pie and Magisk.

  5. Wallace n. Gromit

    Using wget was actually the first thing I tried. The OS didn’t support wget. Then I tried fetch. Same thing. It had something to do with API’s. Curl was the only command that my android command prompt understood. I will have to look into TWRP.

    Now that I’m on a roll, thinking about rooting some other android phones. In the short time I used my pre-rooted ebay phone to download/install hosts, I have come across xda-developers.com and ODIN3. This is really cool stuff! Have already rooted an old Samsung and going to try and install the MVPS hosts in that.

  6. Wallace n. Gromit

    BTW, the rooted ebay phone is a Samsung Galaxy S4. My latest rooted Phone using xda-developers.com and ODIN3 is a Samsung Galaxy Core Prime using CF-Auto-Root-cprimeltemtr-cprimeltemtr-smg360t1.tar . Don’t know how to identify what is running on it. Is Lineage Android Pie and Magisk something you root or install after you root? Still a noob about this. but learning fast.

  7. Wallace n. Gromit

    Dang, not sure but did I soft brick my Samsung? It installed the rooted firmware. I set up my google account to get app updates. I did the hosts update. Eveything looked great. Then turned off the phone and turned it back on. Get the “Custom binary blocked by FRP”. When I try to do “Wipe data/factory reset” it fails. They do charge for stock samsung firmwares. I have two of the same exact model. Is it possible to extract the stock firmware from my second unrooted phone and flash it to the “Custom binary blocked by FRP” phone?

    TIA

  8. Wallace n. Gromit

    read this on the second link you posted. “…complete backup of data on your device or create a Nandroid backup using TWRP Recovery.” Will this application work with my 2 Samsung Galaxy Core Primes –Samsung model SM-G360T1? One has never been rooted … the other is stuck in that “Custom binary blocked by FRP”.

    Regardless, this is very facinating stuff. I am really impressed that the Samsung Galaxy 4S can be rooted/flashed with Android 9 pie — wow. And backed up too. Will be lookiing into that TWRP application for my 4S.

  9. Sorry, but I can’t help you with questions regarding specific models… I’m better at pointing in the general direction.

  10. Wallace n. Gromit

    found/downloaded a stock firmware for my Galaxy Core Prime and flashed it back to stock — not bricked. Looking at the directions for the TWRP for Galaxy 4S… need to be sure the bootloader is unlocked. When I enable developer mode in the 4S I don’t see the switch to unlock the bootloader, like I see on the Core Prime. After further reading I see that ATT began locking the bootloader(s). This was an ATT phone. Can you point me in the general direction to unlock the boot loader Ralph?
    TIA

Comments are closed.
Top